Astra Linux - уязвимость в batik

A vulnerability in Batik of Apache XML Graphics allows an attacker to execute untrusted Java code from an SVG. This issue affects Apache XML Graphics versions prior to 1.16. It is recommended to update to version 1.16...

Astra Linux - уязвимость в batik

A Server-Side Request Forgery SSRF vulnerability exists in the Batik of Apache XML Graphics, allowing attackers to access files using a Jar URL. This issue affects Apache XML Graphics Batik 1.14...

Unity Linux 20.1070e Security Update: batik (UTSA-2026-017770)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017770 advisory. Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an...

Unity Linux 20.1070e Security Update: batik (UTSA-2026-017788)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017788 advisory. Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the xlink:href attributes. By using a specially-crafted argument, a...

Astra Linux - уязвимость в batik

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...

Astra Linux - уязвимость в batik

Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14...

Astra Linux - уязвимость в batik

Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14...

Astra Linux - уязвимость в batik

Server-side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik. This issue affects Apache XML Graphics Batik version 1.16. In version 1.16, a malicious SVG file may trigger the loading of external resources by default, leading to resource consumption or, in...

Astra Linux - уязвимость в batik

Server-side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik. This issue affects Apache XML Graphics Batik version 1.16. A malicious SVG can probe user profile/data and send it directly as a parameter to a URL...

Astra Linux - уязвимость в batik

A vulnerability in Batik of Apache XML Graphics allows an attacker to execute Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics versions prior to 1.16. Users are recommended to upgrade to version 1.16...

Security Bulletin: InfoSphere Data Architect (IDA) 9.2.1 Vulnerability Fixes.

Summary This is the Summary of the Vulnerabilities reported in - InfoSphere Data Architect IDA 9.2.1 Vulnerability Details CVEID:CVE-2022-38398 DESCRIPTION: Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This...

CVE-2026-24807

Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...

CVE-2026-24806

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...

com.github.liuyueyi.media:svg-core (>=2.5 <=3.0.0) potentially affected by CVE-2026-24807 via com.github.liuyueyi.media:batik-codec-fix (>=2.5 <=3.0.0)

com.github.liuyueyi.media:batik-codec-fix MAVEN version =2.5, =2.5, =3.0.0 Source cves: CVE-2026-24807 Source advisory: OSV:GHSA-23F4-HFMQ-94MJ...

com.github.liuyueyi.media:svg-core (>=2.5 <=3.0.0) potentially affected by CVE-2026-24807 via com.github.liuyueyi.media:batik-codec-fix (>=2.5 <=3.0.0)

com.github.liuyueyi.media:batik-codec-fix MAVEN version =2.5, =2.5, =3.0.0 Source cves: CVE-2026-24807 Source advisory: SNYK:JAVA-COMGITHUBLIUYUEYIMEDIA-15127915...

Quick-Media Batik Codec FIX package has Code Injection vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects all...

com.github.liuyueyi.media:svg-core (>=2.5 <=3.0.0) potentially affected by CVE-2026-24806 via com.github.liuyueyi.media:batik-codec-fix (>=2.5 <=3.0.0)

com.github.liuyueyi.media:batik-codec-fix MAVEN version =2.5, =2.5, =3.0.0 Source cves: CVE-2026-24806 Source advisory: OSV:GHSA-8623-9FWR-4CXV...

Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec

Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects all versions...

GHSA-8623-9FWR-4CXV Quick-Media Batik Codec FIX package has Code Injection vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects all...

GHSA-23F4-HFMQ-94MJ Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec

Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects all versions...